Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

FRIDAY FLOWS Episode #30 - Normalizing Alerts using Tines AI & Creating Cases In today's episode, Michael Tolan takes us through a workflows where we're leveraging the new Tines AI Action to normalize multiple alerts and create cases in our native Case management. As always, our free Community edition is in the comments and we'd love to hear what you thought of today's episode in the comments.

From transforming data with a prompt and generated code, to directly accessing and using a language model in your workflows, our AI features make automation even more accessible and efficient for anyone in your organization. Learn how you can take multi-source security alert workflows from 25 actions to 3, reducing the potential for error and making it simpler to make updates like adding sources, change rule definitions, and more.

In this video, we'll take a look at some basic navigation around being a admin within Tines.

On today's episode, Michael Tolan from the Tines labs team is taking us through this enrichment workflow. Recorded Future is our long-time threat intel partner and has been the leader in that space for years now. This will give you some insight into how we work better together.

Rosie Halpin, Product Manager, will dive into how you can use powerful, intuitive case management in Tines to investigate, remediate, and report on security incidents. She’ll walk through how cases powers security teams to respond to events by: Join us to learn how you can build on top of your existing powerful automations in Tines with cases.

In today’s Friday Flows, Conor Dunne, from the Tines Labs team, walks us through a new story using AI to create cases and act on CrowdStrike alerts. As is the case with many alerts, there’s a lot of information, but it’s not always very clear. He first uses AI to simplify & normalize the data. Once that is done & a case is created, we can also use AI to act as a security analyst and respond with one of four actions: Suspend a user account Isolate a host Block a URL Alert the security team using PagerDuty.

We're excited to bring you another workflow from the Tines library and to introduce your new Friday Flows host Cameron Higgs! The legendary Blake Coolidge is handing over the reins for a season but he'll be back on your screens before too long. In this episode, Conor Dunne walks Cameron through a workflow that pulls leads related to the Amazon Web Services (AWS) environment flagged by Hunters and searches for users with unauthorized permissions.

In this video, we'll take a look at how to import a story.

For teams focused on vulnerability management, maintaining a secure and resilient environment for your organization is paramount. From finding vulnerabilities and assessing their risk, to patch management and continuous reporting, teams are often juggling disconnected systems, various input sources, and manual prioritization and assignment to ensure vulnerabilities aren’t being overlooked.